System and Method of Enhanced Identity Recognition Incorporating Random Actions

ABSTRACT

A system and method for authenticating a requester seeking service. In response to a received request, the system selects a random biometric behavior. A request to provide the selected behavior is output by the system. Evaluation circuitry compares the received behavioral response, from the requester, to information from an authorized user database and determines if the requested service should be provided.

FIELD

The application pertains to authentication systems and methods usable byindividuals. More particularly, the application pertains to regionalmonitoring, security or access systems which combine anatomicalcharacteristics with responses to requested random behaviors.

BACKGROUND

There are many commercial applications that need to authenticate users.For example, door access systems such as found in hotels, businesses orthe like. Monitoring systems or system control panels need to verifythat the expected user is in fact the one interfacing with the system orcontrol panel keypad.

Known facial and voice recognition systems are less than 100% accurate.Pre-recorded video/imagery/audio of the authorized user can be used todefeat these systems in security applications. Additionally, passwordsfor security systems or control panels can also be easily compromised ifa different user learns the code.

There is thus a continuing need to improve anatomically basedauthentication systems.

BRIEF DESCRIPTION OF THE DRAWINGS

FIG. 1 illustrates a combined block and flow diagram of an embodimenthereof.

DETAILED DESCRIPTION

While embodiments can take many different forms, specific embodimentsthereof are shown in the drawings and will be described herein in detailwith the understanding that the present disclosure is to be consideredas an exemplification of the principles hereof, as well as the best modeof practicing same. No limitation to the specific embodiment illustratedis intended.

In one aspect, facial and/or voice recognition systems or circuitry canbe combined with random actions requested by the authentication systemto confirm both that the detected imagery/audio is from an authorizeduser and that the user is present in person. In a disclosed, exemplarysystem, the user, or individual seeking service, or access, would beprompted to perform one or more random actions which cannot beanticipated.

The system would require the user, or requester, to perform theaction(s) within a set period of time. Some examples of these actionsinclude one or more of:

-   -   touching your nose with your right thumb    -   touching your left ear    -   smiling    -   making a sad face    -   reading a random passage    -   turning your head left

User facial/voice training during setup and continuous adaptionthereafter can be implemented by embodiments hereof to improve theperformance of authenticating the requester, or, user. For example,voice training would require the authorized requester, or, user to reada script that characterizes their voice. Specifically to increasesecurity, the training script need not include all of the words in therandom passages. In this circumstance, the system would bothauthenticate the requester based on the correct sounds and apply the newwords being introduced once the user was authenticated.

In another embodiment the system could authenticate the user by whatevercriterion was acceptable at the time. Then, it would ask the user tosmile or exhibit another gesture or facial image, and learn the newfacial biometrics for the action to be used at some later time. At somepoint later, the system could be updated or may rely on cloud basedservices to change the collection of actions used to randomize theauthentication process.

In the case of failed attempts, the owner on file can be notified alongwith a video clip of the failed attempt. As a backup for criticalapplications such as for a security panel, failed attempts can beimmediately viewed and evaluated by a human operator at a centralcontrol station. As a deterrent to attempts at defeating the system,recorded video can also be used for criminal prosecution.

In addition to security panels, this approach can be used to increasethe security for any user identity application including but not limitedto smartphone access, computers/laptops, security door access, timecardsor banking ATMs. Websites could rely on the approach instead ofpasswords to login to sites. By requiring the user to perform a randomaction, there is a higher certainty in both that the user is present andof their identity.

In yet another aspect, the system can instruct the user to performrandom actions while applying a combination of voice and facialrecognition algorithms relative to captured audio and video. Bothembedded and Internet based (cloud based) systems are available.

For voice recognition, the random phrases could be partially trained.So, some words or sounds were part of the initial training and then thephrases are broken down into structural units of speech (i.e. phonemes)so that the user's voice is evaluated against the training sample ratherthan the whole phrase. The phonemes that were not part of the originaltraining could be used to refine the original training once all of theother authentication checks passed. The associations betweeen thephonemes and collected identity data are managed in the Authorized UserReference Database. For voice recognition, a Random Phrase Generator cancreate a new challenge phrase based on the identified phonemes andphonetic dictionaries. One such alphabet for phonemes is theInternational Phonetic Alphabet. This system could be used for anyspoken language.

For facial recognition, separate frames of video can be analyzed. Inselected embodiments, the changes in key dimensions such assize/shape/distances/color of the eyes, eyebrows, chin, face outline,teeth or mouth relative to the nose or other facial structures can beevaluated. The identity of the requester, or user, can be evaluatedthrough the reading of text, in conjunction with voice and throughmotion such as the way the hand may touch the face (or the shape of thehand itself).

It will be understood that neither the type nor the form of use of arandomizing request are limitations hereof. All such randomizing eventscome within the spirit and scope hereof.

FIG. 1 illustrates an integrated system 10 and flow diagram 100illustrating an embodiment hereof. System 10 includes one or more useror requester input devices 12, 12 a which can be the same or different.Representative input devices include key pads, touch screens, cardreaders, wireless receivers and the like without limitation.

An unknown user or requester U1 can make an access request via inputdevice 12, as at 102, while providing minimal identificationinformation. Alternately, an access can be provided by user U2 incombination with partial identifying information, via input device andcircuits 12 a.

The user inputs can be coupled to identification circuits 14 which canselect a random identification action, as at 104. An updatableidentification data base 16 can be interrogated by the circuits 14 whichcan select the random identification action.

The selected identification action can be presented at 106, in a verbalor visual format via user output device and related circuits 20.Representative random action requests can include a text requestdisplayed on a screen of the device 20. For example, read this . . . ,or do this . . . Alternately, audio instructions can be output viadevice 20, such as, repeat the following. In yet another alternate, avisual behavior such as touch your nose, or, touch your ear, can berequested.

The provided responses are received at a response input device 22.Device 22 can include one or more microphones or cameras. Asillustrated, at 108, the received audio or video characteristics of theuser, or requester such as U1, or U2 can be recorded, analyzed andmeasured as at 108.

The received responses, as may be processed including phonetic data,facial measurements, relative timing or pitch contours, all withoutlimitation, can be stored in one or more storage devices as at 112.Evaluation circuits 28 coupled to the response input device 22 and anauthorized user reference database 30 can compare the received responsesto expected responses, as at 114. In this regard, where partialidentifying information has been provided via device and circuits 12 a,that information can be incorporated into the evaluation by circuits 28.

Depending on the results of the comparison at 114, a determination canbe made, as at 116 as to the identity of the user, and whether theuser's request will be granted.

Those of skill will understand that a variety of homophones and commonphonetic sounds can be incorporated into information stored in theidentification action data base 16. Some examples of these and theirInternational Phonetic Alphabet translations include:

  bottle / model (match “ 

 ” from “bat 

 l / mad 

 l”)   flower / plow (match “aw” from “flaw 

 r / plaw”)   Here / hear / ear (match “ 

 r” from “h 

 r / h 

 r / 

 r”)   Plate / eight / ate (match “et” from “plet / et / et”)   Greenery/ scenery (match “in 

 ri” from “grin 

 ri / sin 

 ri”)   Explain / plane / airplane / plain (match “plen” from  

 ksplen / plen / εrplen / plen)   To / two / too (tu / tu / tu)   Beat /beet (bit / bit)   Air / heir (εr / εr)   Hare / hair (hεr / hεr)   Bare/ Bear (bεr / bεr)   Know / no (no / no)   Wait / weight (wet / wet)  Flowers in the open plain (match aw 

 rz/ 

 

 /plen from “flaw 

 rz 

 n  

 

op 

 n plen”)   I spent hours on the airplane (match aw 

 rz/ 

 

 /plen from “aj spεnt aw 

 rz an 

 

 εrplen”)

The random action selection process, as at 104, can request a user, orrequester to perform a second identification action to collect newidentity references for future access once the user has beenauthenticated. Alternately, the user can be asked to perform a combinedaction that authenticates while collecting additional identityinformation, such as reusing words or phrases or phonemes or usinghomophones. Advantageously, in both modes, the system performscontinuous adaption to tune authentication based on known referenceinformation to determine acceptable variability of received responses.

In summary, the combination of these approaches with a randomized actiondetermined by the secure system can increase the certainty of theidentity of the user. In a further aspect, the above described methodcan also be used by a website to test for human interaction withoutidentification. By requesting a user, or requester, to perform randomactions as described herein it becomes more difficult for an intrudingcomputer system to generate correct audio and video responses in anallotted time interval. The likelihood of successful intrusion isthereby reduced.

A simplified version of this computing system could also be used as a“reverse Turing test” administered to simply determine whether theunknown user is a human by challenging them to perform these randomactions. For example, a website could test the unknown user to performthe action and test for basic facial/vocal matches to prevent bots fromposting spam or skewing online polls. This would be applicable for lowsecurity needs as well as where the bandwidth, processing and/ordatabase constraints are limited.

From the foregoing, it will be observed that numerous variations andmodifications may be effected without departing from the spirit andscope hereof. It is to be understood that no limitation with respect tothe specific apparatus illustrated herein is intended or should beinferred. It is, of course, intended to cover by the appended claims allsuch modifications as fall within the scope of the claims.

Further, logic flows depicted in the FIGURE do not require theparticular order shown, or sequential order, to achieve desirableresults. Other steps may be provided, or steps may be eliminated, fromthe described flows, and other components may be add to, or removed fromthe described embodiments.

1. A method comprising: receiving a request for service which includesan identifier; evaluating the identifier and requesting a randomphysiological-type response; receiving a response to the request; andevaluating the received response and determining if that receivedresponse corresponds to a predetermined response.
 2. A systemcomprising: a user input device; identification circuits coupled to theinput device, the circuits select a random authentication behavior; andoutput circuits that present the selected random behavior at least oneof audibly or visually.
 3. A system as in claim 2 wherein the outputcircuits present the random request both audibly and visually.
 4. Asystem as in claim 2 which includes evaluation circuits that receive aresponse to the request and detect if the received response correspondsto an expected response.
 5. A system as in claim 4 wherein the outputcircuits present the random request both audibly and visually.
 6. Asystem as in claim 4 with a regional monitoring system which includesthe identification and evaluation circuits.
 7. A system as in claim 6wherein the output circuits present the random request both audibly andvisually.
 8. A system as in claim 2 where the requested behaviorincludes at least one of a visual movement, a visual image, or anaudible response.
 9. A system as in claim 2 where the input deviceincludes at least one of a video-type camera directed to a viewingregion, and a microphone.
 10. A system as in claim 9 where at least oneof the camera or microphone is coupled to the identification circuits.11. A system as in claim 2 where the random request is select from aclass which includes at least one of a request to perform an audiblebehavior, or a visual behavior.
 12. A system as in claim 4 where theevaluation circuits store at least selected aspects of expectedresponses and where the evaluation circuits determine if receivedresponses correspond to at least one of the expected responses.
 13. Asystem as in claim 12 where the evaluation circuits request newresponses from the authentified entities and store representations ofthose responses for use in subsequent authentication processes.
 14. Asystem as in claim 13 where correspondence processing includes at leastone of pattern recognition processing, frequency domain processing,mathematical processing, or phoneme-type processing.
 15. A system as inclaim 14 where in response to a failure of correspondence betweenreceived and stored responses, video of the failed attempt can beforwarded to a displaced monitoring station.
 16. A system as in claim 15where the user input device includes a communications unit coupled tothe identification circuits where the communication unit includes amicrophone, at least one video-type camera, and, at least one of anaudio or visual output device to present random requests.
 17. A systemas in claim 16 where received responses are selected from a class whichincludes at least phonetic data, facial measure measurements, relativetiming and pitch contours.
 18. A system as in claim 17 which includes anauthorized user data base.
 19. A system as in claim 18 which includes anidentification action database.
 20. A system comprising circuits toselect a random, physiologically based identification action from aprestored database of actions in response to an access request; anoutput device, coupled to the circuits, to present the selected actionto a requester and to request a response thereto; an input device toreceive the response; and evaluation circuits to compare the receivedresponse to at least a database of authorized users.